Security Advisory

CVE-2025-12683

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-04 04:23:02

Last updated 2025-11-04 20:50:21

Assigner Gridware

State PUBLISHED

Description

The service employed by Everything, running as SYSTEM, communicates with the lower privileged Everything GUI via a named pipe. The named pipe has a NULL DACL and thus provides all users full permission over it; leading to potential Service Denial Of Service or Privilege escalation(only if chained with other elements) for a local low privilege user.

← Browse all CVEs View on cve.org ↗